The Boston Diaries

The ongoing saga of a programmer who doesn't live in Boston, nor does he even like Boston, but yet named his weblog/journal “The Boston Diaries.”

Go figure.

Saturday, October 17, 2015

Too many moving parts

Ever since I got the new router, I've been having some weird issues with browsing. Most sites would come up instantly while others, like Hoade's, would take minutes to come up, and when the page would finally display there would be horrible formatting (probably due to not loading the style sheets).

This behavior is a classic DNS problem. But the only thing that changed, DNS wise, is the introduction of the new router. Is it possible the new router is filtering DNS results? I did a query on a problematic address and got:

[spc]lucy:~/source/spcdns/built>./dotest -s 192.168.1.10 use.typekit.net. a
; Questions            = 1
; Answers              = 1
; Name Servers         = 0
; Additional Records   = 0
; Authoritative Result = false
; Truncated Result     = false
; Recursion Desired    = true
; Recursion Available  = true
; Result               = No error

;;; QUESTIONS

;use.typekit.net. IN A

;;; ANSWERS

use.typekit.net.         3600   IN      CNAME   cs485.wac.gammacdn.net.

;;; NAMESERVERS

;;; ADDITIONAL

Hmm … now let's do the same query from somewhere else:

[spc]brevard:~/source/spcdns/built>./dotest -s 70.34.22.227 use.typekit.net. a
; Questions            = 1
; Answers              = 2
; Name Servers         = 2
; Additional Records   = 0
; Authoritative Result = false
; Truncated Result     = false
; Recursion Desired    = true
; Recursion Available  = true
; Result               = No error

;;; QUESTIONS

;use.typekit.net. IN A

;;; ANSWERS

use.typekit.net.         3600   IN      CNAME   cs485.wac.gammacdn.net.
cs485.wac.gammacdn.net.  3600   IN      A       192.229.163.37

;;; NAMESERVERS

gammacdn.net.           127697  IN      NS      ns2.gammacdn.net.
gammacdn.net.           127697  IN      NS      ns1.gammacdn.net.

;;; ADDITIONAL

Odd. And annoying. Doing a search on DNS issues with my router was dismaying to say the least. First off, the pages would take minutes to load and thus, no style information and thus hard to read. Secondly, from what I could read, there actually might be an issue with DNS on this router. Lovely!

But in playing around with this stuff, I did find this comment in the DNS server configuration file:

        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
         query-source address * port 53;

I know I added that comment, fixing an issue with DNS a few years ago. Really? Could that be the problem? Let me comment that directive out … and it's all fixed!

What the—

Okay, I've done some research, and it also revealed another issue I noticed with the new router. Network devices obtaining network information via DHCP were getting the router's IP address for DNS, not my actual DNS server. It appears that Linksys decided to direct all DNS traffic to the router and have it query the DNS server. It may have something to do with their “cloud” offering (so you can configure your router remotely—do people really want this feature?) I don't know. But it's a weird way of handling DNS. And having queries come from port 53 may have been confusing the router.

When I try it now (the the previous DNS server configuration) I get:

[spc]lucy:~/source/spcdns/built>./dotest use.typekit.net. a
net_request() = Connection timed out

I think I can explain this difference between the two results. I switched out the router but the DNS server was still running. Over time, certain DNS records expired and thus, not all the required information could be returned. The DNS server was getting some weird packet (more on that below) and just returning what it could at the time. Restarting the DNS server flushes all existing records and because of some weirdness with the router and DNS, some queries are just … lost … somewhere … over the rainbow.

I don't know, I don't have the source code to the router to troubleshoot—

Sorry about that. Bunny came in and said she couldn't get Netflix on the “smart” television. What the hell?

One hour and much cursing and angry shouts later, it's working. How? I dunno. All I want it a dumb wireless pipe to the Intarwebs. I don't need this “user friendly” crap router to intervene on my behalf. Is that so wrong?

Obligatory Picture

[The future's so bright, I gotta wear shades]

Obligatory Contact Info

Obligatory Feeds

Obligatory Links

Obligatory Miscellaneous

You have my permission to link freely to any entry here. Go ahead, I won't bite. I promise.

The dates are the permanent links to that day's entries (or entry, if there is only one entry). The titles are the permanent links to that entry only. The format for the links are simple: Start with the base link for this site: https://boston.conman.org/, then add the date you are interested in, say 2000/08/01, so that would make the final URL:

https://boston.conman.org/2000/08/01

You can also specify the entire month by leaving off the day portion. You can even select an arbitrary portion of time.

You may also note subtle shading of the links and that's intentional: the “closer” the link is (relative to the page) the “brighter” it appears. It's an experiment in using color shading to denote the distance a link is from here. If you don't notice it, don't worry; it's not all that important.

It is assumed that every brand name, slogan, corporate name, symbol, design element, et cetera mentioned in these pages is a protected and/or trademarked entity, the sole property of its owner(s), and acknowledgement of this status is implied.

Copyright © 1999-2024 by Sean Conner. All Rights Reserved.